{"DateBased":true,"Day":13,"Month":1,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2648,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:46:06.624806308Z | 53 | PC: 12a53 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T11:46:06.626349078Z | 37 | PC: 12a64 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T11:46:06.627498817Z | 42 | PC: 12ae9 | Get date 0x12ae9: cmp cx, 0x7c9 0x12aed: jb 0x12b3f 0x12aef: cmp dl, 0xd 0x12af2: jne 0x12b3f 0x12af4: mov ah, 0x2c 0x12af6: int 0x21 0x12af8: cmp ch, 0xd 0x12afb: jne 0x12b3f 0x12afd: mov ah, 9 0x12aff: mov dx, 0x21d 0x12b02: int 0x21 0x12b04: mov cx, 2 0x12b07: push cx 0x12b08: cli 0x12b09: mov dx, 0x2ee0 0x12b0c: sub dx, word ptr cs:[0x1388] 0x12b11: mov bx, 0x64 0x12b14: mov al, 0xb6 0x12b16: out 0x43, al 0x12b18: mov ax, bx |
| 2018-12-25T11:46:06.62963984Z | 44 | PC: 12af8 | Get time 0x12af8: cmp ch, 0xd 0x12afb: jne 0x12b3f 0x12afd: mov ah, 9 0x12aff: mov dx, 0x21d 0x12b02: int 0x21 0x12b04: mov cx, 2 0x12b07: push cx 0x12b08: cli 0x12b09: mov dx, 0x2ee0 0x12b0c: sub dx, word ptr cs:[0x1388] 0x12b11: mov bx, 0x64 0x12b14: mov al, 0xb6 0x12b16: out 0x43, al 0x12b18: mov ax, bx 0x12b1a: out 0x42, al 0x12b1c: mov al, ah 0x12b1e: out 0x42, al 0x12b20: in al, 0x61 0x12b22: mov ah, 0 0x12b24: or ax, 3 |
| 2018-12-25T11:46:06.632132561Z | 37 | PC: 12a7d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2648,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:46:06.75834088Z | 53 | PC: 12a53 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T11:46:06.760416407Z | 37 | PC: 12a64 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T11:46:06.762363309Z | 42 | PC: 12ae9 | Get date 0x12ae9: cmp cx, 0x7c9 0x12aed: jb 0x12b3f 0x12aef: cmp dl, 0xd 0x12af2: jne 0x12b3f 0x12af4: mov ah, 0x2c 0x12af6: int 0x21 0x12af8: cmp ch, 0xd 0x12afb: jne 0x12b3f 0x12afd: mov ah, 9 0x12aff: mov dx, 0x21d 0x12b02: int 0x21 0x12b04: mov cx, 2 0x12b07: push cx 0x12b08: cli 0x12b09: mov dx, 0x2ee0 0x12b0c: sub dx, word ptr cs:[0x1388] 0x12b11: mov bx, 0x64 0x12b14: mov al, 0xb6 0x12b16: out 0x43, al 0x12b18: mov ax, bx |
| 2018-12-25T11:46:06.765397631Z | 37 | PC: 12a7d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
{"DateBased":true,"Day":1,"Month":1,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2648,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:46:06.878483907Z | 53 | PC: 12a53 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T11:46:06.88038474Z | 37 | PC: 12a64 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T11:46:06.881966376Z | 42 | PC: 12ae9 | Get date 0x12ae9: cmp cx, 0x7c9 0x12aed: jb 0x12b3f 0x12aef: cmp dl, 0xd 0x12af2: jne 0x12b3f 0x12af4: mov ah, 0x2c 0x12af6: int 0x21 0x12af8: cmp ch, 0xd 0x12afb: jne 0x12b3f 0x12afd: mov ah, 9 0x12aff: mov dx, 0x21d 0x12b02: int 0x21 0x12b04: mov cx, 2 0x12b07: push cx 0x12b08: cli 0x12b09: mov dx, 0x2ee0 0x12b0c: sub dx, word ptr cs:[0x1388] 0x12b11: mov bx, 0x64 0x12b14: mov al, 0xb6 0x12b16: out 0x43, al 0x12b18: mov ax, bx |
| 2018-12-25T11:46:06.884370161Z | 37 | PC: 12a7d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |